Loading... Loading, please wait...
Login Get Started
Top

CinglePoint Trust Center — GDPR & Data Protection

Effective Date: November 11, 2025

Operated by CinglePoint LLC (“CinglePoint,” “we,” “us,” or “our”).

CinglePoint is committed to protecting personal data and supporting our customers’ compliance with the EU General Data Protection Regulation (GDPR), the UK GDPR, and other global privacy laws. This page summarizes our program, technical and organizational measures, and customer resources.

Transparency

Clear notices, documented sub-processors, and straightforward data flows.

Security by Default

Encryption in transit, access controls, logging, and least-privilege administration.

Data Subject Rights

Processes to help you respond to access, deletion, and other rights requests.

GDPR Overview

The GDPR is a comprehensive privacy framework that sets out principles for processing personal data of individuals in the EU/EEA (and, via UK GDPR, in the UK). It emphasizes lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, confidentiality, and accountability. CinglePoint aligns its policies and controls to these principles.

Scope & Roles

In most cases, CinglePoint acts as a data processor for customer content processed through the CinglePoint platform, and our customers act as data controllers. For our own Website, marketing, and business operations, CinglePoint acts as a controller. Our Privacy Statement explains our controller activities.

  • Processor activities: hosting, storing, transmitting, and otherwise processing customer data under a DPA.
  • Controller activities: site analytics, lead management, customer communications, billing, and service improvement.

Lawful Bases

As a processor, we process personal data per our customers’ documented instructions and lawful bases. As a controller, our typical bases include: contract performance, legitimate interests (balanced against data subject rights), legal obligations, and where applicable, consent. See our Privacy Statement for details.

Data Subject Rights (DSR)

We support customers’ responses to data subject requests (access, correction, deletion, restriction, portability, objection, and automated-decision rights where applicable).

  1. Authenticate the requester’s identity and authority.
  2. Locate relevant data (application logs, records, attachments).
  3. Act using platform tools and administrative workflows.
  4. Record request, actions taken, and outcome for audit.

DSR inquiries can be initiated via your CinglePoint admin or by contacting us at support@cinglepoint.com. For controller requests related to CinglePoint’s own operations, see our Privacy Statement.

International Transfers

Where personal data is transferred outside the EEA/UK/Switzerland, we implement appropriate safeguards (e.g., EU Standard Contractual Clauses, UK addendum/IDTA, and supplementary measures). We also conduct transfer risk assessments where required and monitor regulatory updates.

Sub-processors

We maintain a list of authorized sub-processors who support delivery of the CinglePoint platform (e.g., infrastructure, email delivery, analytics strictly for service operations). We perform diligence and bind them by data protection terms.

  • Contractual commitments (confidentiality, security, privacy requirements)
  • Scope limitation and documented instructions
  • Risk-based onboarding and periodic reviews

See: Current Sub-processor List (subscribe for change notifications).

Security & Compliance

CinglePoint employs layered safeguards to protect personal data. Controls include, as applicable:

  • Encryption in transit (TLS)
  • Role-based access & least privilege
  • Multi-factor admin access
  • Segregated environments
  • Logging & audit trails
  • Secure SDLC & change management
  • Vulnerability management
  • Business continuity & backups
  • Vendor risk management
  • Security awareness training

We can provide additional details (e.g., security overview, SIG/CAIQ responses) upon request: support@cinglepoint.com.

Data Retention

We retain personal data for as long as necessary to deliver the services, comply with legal obligations, resolve disputes, and enforce agreements. Customers may configure retention where available in product settings. Backups are held for limited, defined periods and then securely disposed of.

Privacy by Design & Default

We embed privacy and security reviews into product planning, follow data minimization practices, and limit access to personal data to personnel with a legitimate need. Data protection impact assessments (DPIAs) are supported where required.

Incident Response

We maintain an incident response plan that includes detection, triage, containment, remediation, and communication steps. In the event of a personal data breach affecting customers, we will notify impacted customers without undue delay in accordance with our contractual obligations.

Cookies

We use cookies and similar technologies for required functionality, performance, and (where permitted) advertising/analytics. Manage preferences in our Cookies Preference Center. See the full Cookies Policy.

Children

CinglePoint does not knowingly collect personal data from children under 16 for its services or website. If you believe a child has provided personal data, contact support@cinglepoint.com so we can take appropriate action.

Documents & Resources

Data Processing Addendum (DPA)

Standard terms for processing personal data on your behalf.

Download DPA (PDF)

Standard Contractual Clauses

EU SCCs + UK addendum/IDTA for international transfers.

View SCC Pack

Sub-processor List

Current vendors used to deliver our services.

View Sub-processors

FAQs

Yes. Our standard Data Processing Addendum incorporates required GDPR provisions and SCCs where applicable.

We primarily host in reputable cloud infrastructure providers. Regional options may be available—contact support@cinglepoint.com.

Yes. Your CinglePoint admin can action requests using native tools, and our team can assist per the DPA. Email support@cinglepoint.com.

Contact & DPO

Questions, requests, or privacy concerns:

CinglePoint — Privacy
Email: support@cinglepoint.com

Data Controller: CinglePoint LLC.